aboutsummaryrefslogtreecommitdiffstats
path: root/core/certmanager.lua
diff options
context:
space:
mode:
authorMatthew Wild <mwild1@gmail.com>2013-11-21 02:11:09 +0000
committerMatthew Wild <mwild1@gmail.com>2013-11-21 02:11:09 +0000
commit15d3e79598e5b2513d2736fdee0e70fdb75dbf4d (patch)
tree999fa993e1be4d806f987084f99b913cd6cec6af /core/certmanager.lua
parent5f147a5e7253f753ed89cbad21dca3d86eb52bec (diff)
downloadprosody-15d3e79598e5b2513d2736fdee0e70fdb75dbf4d.tar.gz
prosody-15d3e79598e5b2513d2736fdee0e70fdb75dbf4d.zip
certmanager: Further cipher string tweaking. Re-enable ciphers required for DSA and ECDH certs/keys.
Diffstat (limited to 'core/certmanager.lua')
-rw-r--r--core/certmanager.lua2
1 files changed, 1 insertions, 1 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua
index 976b0a88..d6784a96 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -70,7 +70,7 @@ function create_context(host, mode, user_ssl_config)
options = user_ssl_config.options or default_options;
depth = user_ssl_config.depth;
curve = user_ssl_config.curve or "secp384r1";
- ciphers = user_ssl_config.ciphers or "HIGH+kEDH:HIGH+kEECDH:HIGH+kRSA:!DSS:!3DES:!aNULL";
+ ciphers = user_ssl_config.ciphers or "HIGH+kEDH:HIGH+kEECDH:HIGH:!PSK:!SRP:!3DES:!aNULL";
dhparam = user_ssl_config.dhparam;
};